Hive Social Shuts Down App Due To Security Issues After Rise in Sign-ups
Hive Social, an app many considered to be the new alternative to Instagram and Twitter, has completely shut down its servers to address security issues after it struggled to handle a recent surge in sign-ups.
Social media app, Hive has exploded in popularity in the last few weeks following Elon Musk’s controversial takeover of Twitter.
Hi everyone!🐝
The Hive team has become aware of security issues that affect the stability of our application and the safety of our users. Fixing these issues will require temporarily turning off our servers for a couple of days while we fix this for a better and safer experience pic.twitter.com/wOgW7ga9xN— Hive (@TheHIVE_Social) December 1, 2022
On November 22, Hive hit one million users after a dramatic rise in sign-ups — with the three-year-old social media app gaining 250,000 new users in one night.
However, the app — which is currently only run by its founder and two others — has struggled to handle the recent surge in interest.
On Wednesday, Hive Social announced that it was completely shutting down its servers in response to concerns raised by security researchers who discovered many critical vulnerabilities on Hive, several of which they say remain unfixed.
TechCrunch reports that Hive discovered issues on the app that would allow attackers access to all data, including private posts and messages, shared media and even deleted direct messages, as well as the ability to edit other people’s Hive posts.
According to Hive, the shutdown is temporary, and “fixing these issues will require temporarily turning off our servers for a couple of days.”
‘Do Not Use Hive Social’
On Tuesday, the researchers at German cyber group Zerforschung issued a statement, warning people not to use Hive.
Warning: Do not use Hive Social ⚠️🐝
We found multiple critical security vulnerabilities in the App, leaking private messages, posts, images and user data like phone numbers, emails and birthdates.https://t.co/r02xXr4fQR
— zerforschung (@zerforschung) November 30, 2022
In a blog post, Zerforschung claimed that there were a number of security vulnerabilities contained within the social media platform.
“The issues we reported allow any attacker to access all data, including private posts, private messages, shared media and even deleted direct messages. This also includes private email addresses and phone numbers entered during login,” the security group writes.
The cyber group said that attackers can also overwrite data such as posts owned by other users.
Zerforschung also alleged that it had discovered many other security problems but it would not share them for privacy reasons. The group also suggested that users move to Hive’s competitor Mastodon instead.
Zerforschung claimed it confidentially reported the security vulnerabilities to Hive’s team. Several days later, Hive replied, claiming the issues were fixed. However, the researchers found that this was not the case, so they took their concerns to the public, warning people against using Hive’s app.
The following day, Hive announced that it had decided to make the extreme step of temporarily shutting down its servers to resolve the security issues.
No accounts or data have been leaked. Shutting down the server is a preventative measure.
— Hive (@TheHIVE_Social) December 1, 2022
In another tweet, Hive also confirmed that no accounts or data had been leaked and it had shut down the servers purely as a preventative measure.
According to TechCrunch, Hive also claimed in a series of tweets that they never told Zerforschung that the issues were “fixed” but that they were “fixing” them, eventually deciding to go offline until problems were addressed.